Published: 2009-12-26T06:53+00:00    Last Updated: 2009-12-26T06:53+00:00

JVNTR-2009-27
Microsoft Updates for Multiple Vulnerabilities (TA09-342A)

Overview

Microsoft has released updates to address vulnerabilities in Microsoft Windows, Windows Server, Internet Explorer, and Microsoft Office.

Event Information


Date (UTC)Description
2009-12-09 03:03 JPCERT/CC
JPCERT-AT-2009-0025: December 2009 Microsoft Security Bulletin (three critical patches)
2009-12-08 23:25 Microsoft
ms09-dec: Microsoft Security Bulletin Summary for December 2009
Included in this advisory are updates for newly discovered vulnerabilities.
2009-12-08 22:05 US-CERT
TA09-342A: Microsoft Updates for Multiple Vulnerabilities
Via US-CERT Mailing List
2009-12-08 22:04 Fortinet, Inc.
FGA-2009-16: Fortinet Discovers Microsoft Office Project Vulnerability (MS09-074)
Project Memory Validation Vulnerability (CVE-2009-0102, MS09-074)
The vulnerability lies in "winproj.exe", which is used when processing a Project file. A maliciously crafted document may contain a list structure with a malformed element field, that when processed, will result in memory corruption and allow a remote attacker to arbitrarily execute code on the victims machine.
2009-12-08 21:47 Microsoft
Microsoft Security Advisory (977981): Vulnerability in Internet Explorer Could Allow Remote Code Execution
Internet Explorer Vulnerability (CVE-2009-3672)
Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS09-072 to address this issue.
2009-12-08 21:04 SANS Internet Storm Center
December 2009 Black Tuesday Overview
Overview of the December 2009 Microsoft patches and their status.
2009-12-08 18:28 Symantec
ThreatCON (2) => (2)
On December 8, 2009, Microsoft issued six Security Bulletins to address a number of critical security flaws. Successful exploitation of many of these issues will likely result in remote code execution.
2009-12-08 17:31 US-CERT
Microsoft Releases December Security Bulletin
US-CERT Current Activity
Microsoft has released an update to address vulnerabilities in Microsoft Windows and Office as part of the Microsoft Security Bulletin Summary for December 2009. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.
2009-12-03 19:18 Microsoft
ms09-dec: Microsoft Security Bulletin Advance Notification for December 2009
Included in this advisory are updates for newly discovered vulnerabilities.
2009-11-26 15:11 SANS Internet Storm Center
Microsoft Security Advisory (977981)
Further information has been released regarding Microsoft Security Advisory (977981), previously reported here by Marc and Rick to include mitigation factors.
2009-11-26 03:20 Microsoft
Microsoft Security Advisory (977981): Vulnerability in Internet Explorer Could Allow Remote Code Execution
Internet Explorer Vulnerability (CVE-2009-3672)
This advisory contains information about which versions of Internet Explorer are vulnerable as well as workarounds and mitigations for this issue.
2009-11-24 01:56 Microsoft
Microsoft Security Advisory (977981): Vulnerability in Internet Explorer Could Allow Remote Code Execution
Internet Explorer Vulnerability (CVE-2009-3672)
Microsoft is investigating new public reports of a vulnerability in Internet Explorer.
2009-11-24 01:50 SANS Internet Storm Center
Microsoft Security Advisory 977981 - IE 6 and IE 7
Related to Marc's Diary from 11/23, Microsoft has released Security Advisory 977981.
2009-11-23 05:34 Bugtraq
Code to mitigate IE STYLE zero-day
Vulnerability Proof Of Concept (CVE-2009-3672)
#Cid:37085-2.html
2009-11-22 03:58 SANS Internet Storm Center
IE6 and IE7 0-Day Reported (Version: 3)
A vulnerability has been identified in Microsoft Internet Explorer, which could be exploited by attackers to compromise a vulnerable system. This issue is caused by a dangling pointer in the Microsoft HTML Viewer (mshtml.dll) when retrieving certain CSS/STYLE objects via the "getElementsByTagName()" method, which could allow attackers to crash an affected browser or execute arbitrary code by tricking a user into visiting a malicious web page.
2009-11-20 18:04 Bugtraq
IE7
Vulnerability Proof Of Concept (CVE-2009-3672)
#Cid:37085.html
2009-08-10 Zero Day Initiative (ZDI)
ZDI-09-088: Microsoft Internet Explorer IFrame Attributes Circular Reference Dangling Pointer Vulnerability
Uninitialized Memory Corruption Vulnerability (CVE-2009-3674, MS09-072)
Vulnerability Reported
The specific flaw exists during deallocation of a circular dereference for a CAttrArray object. If the CAttrArray object has been freed prior to the tearing down of the webpage, the application will access the freed memory during the deallocation of the circular dereference. This can lead to code execution under the context of the currently logged in user.
2009-07-21 Zero Day Initiative (ZDI)
ZDI-09-087: Microsoft Internet Explorer CSS Race Condition Code Execution Vulnerability
Uninitialized Memory Corruption Vulnerability (CVE-2009-3673, MS09-072)
Vulnerability Reported
The specific flaw exists during a race condition while repetitively clicking between two elements at a fast rate. When clicking back and forth between these two elements a corruption occurs resulting in a call to a dangling pointer which can be further leveraged into code execution via a heap spray. Exploitation of this vulnerability will lead to remote system compromise under the credentials of the currently logged in user.
2009-06-23 Zero Day Initiative (ZDI)
ZDI-09-086: Microsoft Internet Explorer XHTML DOM Manipulation Memory Corruption Vulnerability
Uninitialized Memory Corruption Vulnerability (CVE-2009-3671, MS09-072)
Vulnerability Reported
The specific flaw exists in the manipulation and parsing of certain HTML tags. The ordering of various objects in a malformed way results in memory corruption resulting in a call to a dangling pointer which can be further leveraged via a heap spray. Exploitation of this vulnerability will lead to remote system compromise under the credentials of the currently logged in user.
2009-06-09 iDefense
Microsoft Internet Explorer HTML Layout Engine Uninitialized Memory Vulnerability
HTML Object Memory Corruption Vulnerability (CVE-2009-3672, MS09-072)
Vulnerability Reported
The vulnerability exists due to an uninitialized stack variable in the 'CLayout::EnsureDispNode' method. This method is called to recalculate the location of various HTML elements within the page. This function passes a 'CDispNodeInfo' object to another function, 'CLayout::GetDispNodeInfo', which is supposed to initialize the object passed in. However, the function fails to properly initialize a flags value that is used later to determine how many "extra" bytes to allocate for a heap buffer.
2008-12-18 iDefense
Microsoft WordPad Word97 Converter Integer Overflow Vulnerability
WordPad and Office Text converter Memory Corruption Vulnerability (CVE-2009-2506, MS09-073)
Vulnerability Reported
The vulnerability occurs when parsing the DocumentSummaryInformation stream inside of a DOC file. This stream is used to provide information about the author of the document, date of creation, and similar data. Part of the data in this stream is a sequence of property name and value pairs. When reading in the names of these properties, the code performs a calculation using a 32bit integer from the file that represents the number of names present. The value is used without any check on its bounds, which can lead to an integer overflow.